Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/d92557-8c46-482c-91a8-c1e974bed12e/1/mbJSYM2VUak0OSRfY0F0uNVTI7I.roa
File: mbJSYM2VUak0OSRfY0F0uNVTI7I.roa (raw, json)
Hash identifier: fu7mSVyHebXt4XJUv2jR9Xfbjwr3yudb3Go5BjaVSYk=
Subject key identifier: 99:B2:52:60:CD:95:51:A9:34:39:24:5F:63:41:74:B8:D5:53:23:B2
Certificate issuer: /CN=51bfb46353bfcccff9412dcbdd480f19b4c98397
Certificate serial: 0193BB263075B5F166916171EB26CC206143
Authority key identifier: 51:BF:B4:63:53:BF:CC:CF:F9:41:2D:CB:DD:48:0F:19:B4:C9:83:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ub-0Y1O_zM_5QS3L3UgPGbTJg5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/d92557-8c46-482c-91a8-c1e974bed12e/1/mbJSYM2VUak0OSRfY0F0uNVTI7I.roa
Signing time: Thu 12 Dec 2024 13:54:22 +0000
ROA not before: Thu 12 Dec 2024 13:54:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25070
IP address blocks: 88.135.188.0/24 maxlen: 24
109.197.33.0/24 maxlen: 24
109.197.34.0/24 maxlen: 24
109.197.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bb:26:30:75:b5:f1:66:91:61:71:eb:26:cc:20:61:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51bfb46353bfcccff9412dcbdd480f19b4c98397
Validity
Not Before: Dec 12 13:54:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99b25260cd9551a93439245f634174b8d55323b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:25:04:8b:da:62:b1:ae:e6:78:2e:c1:f3:95:
0a:d1:a8:a1:46:a1:4e:b3:c6:99:5b:eb:a2:f3:c6:
73:43:b2:a0:b5:76:e5:75:7b:61:92:ce:de:95:ff:
ba:39:7a:95:a5:9e:f0:96:ec:f3:be:06:a4:0c:f9:
b7:7c:ee:17:72:f3:de:50:23:92:c0:fb:0d:b8:1a:
68:ef:63:60:31:f6:bb:15:df:c8:22:f3:0d:e8:15:
c4:88:75:5f:c0:c2:d5:18:a0:7f:42:41:a4:56:ae:
3d:d2:b7:5c:6c:1c:4e:d7:bf:4e:58:bd:e2:43:0e:
ae:f1:d5:43:e2:77:6a:61:6a:99:9b:54:91:2b:31:
da:2d:06:e5:b3:97:a5:49:80:c4:fb:31:0e:e6:a1:
8e:a4:d7:73:db:b9:74:91:8d:fd:59:29:01:d2:1d:
1c:f8:7a:51:cc:c2:d1:c8:f8:2e:eb:9c:e2:76:06:
32:90:9c:f5:c1:46:8a:00:f0:85:20:2c:b8:e5:b5:
ee:32:b9:75:e9:2f:27:bf:90:d8:74:45:0a:f3:35:
60:c2:c3:c6:3c:12:4a:63:e1:0e:7d:c0:2d:63:6b:
6c:19:29:a4:e9:cc:b5:ad:66:32:a0:42:cf:fc:c6:
b1:86:17:5e:98:81:ac:af:a9:17:72:c8:e1:94:5b:
5d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:B2:52:60:CD:95:51:A9:34:39:24:5F:63:41:74:B8:D5:53:23:B2
X509v3 Authority Key Identifier:
keyid:51:BF:B4:63:53:BF:CC:CF:F9:41:2D:CB:DD:48:0F:19:B4:C9:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ub-0Y1O_zM_5QS3L3UgPGbTJg5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/d92557-8c46-482c-91a8-c1e974bed12e/1/mbJSYM2VUak0OSRfY0F0uNVTI7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/d92557-8c46-482c-91a8-c1e974bed12e/1/Ub-0Y1O_zM_5QS3L3UgPGbTJg5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.188.0/24
109.197.33.0-109.197.34.255
109.197.38.0/24
Signature Algorithm: sha256WithRSAEncryption
be:38:37:40:b9:c8:a9:ad:1c:66:46:87:cf:36:75:3d:b8:c5:
0c:e4:0a:f9:27:4d:92:d3:6a:83:04:67:c2:97:c5:71:27:03:
26:08:9a:49:28:be:6e:83:a2:b2:eb:70:17:41:9c:c3:e4:ac:
4e:6e:4b:2d:9e:cc:53:73:06:fc:e2:88:e7:be:5b:e7:67:0e:
3a:40:6e:22:2e:32:cd:75:48:30:c4:32:d0:44:fe:83:34:30:
a9:15:e4:69:d9:5b:6e:05:fb:e9:ca:30:47:0f:75:11:13:d9:
8d:cc:1a:0b:94:02:7e:9e:31:6b:7c:dc:66:27:f0:8d:21:73:
bc:6b:1f:8e:7b:e2:04:7b:07:65:41:db:bf:2b:a6:5d:90:6f:
02:8b:d2:0b:43:f2:7b:ec:49:cc:35:6c:3e:8c:69:ac:8e:58:
5c:15:70:95:e4:17:60:ea:56:23:f8:5c:7c:ee:51:d4:1e:1a:
73:93:f9:e4:f6:fc:82:2b:d9:dc:fd:e6:69:42:4e:4a:53:12:
ca:e6:61:82:b2:5f:74:75:72:16:91:3c:72:bc:c7:e6:25:e7:
20:5b:25:e4:65:c6:b5:4a:c3:a2:08:a1:d6:65:9d:2c:a1:b8:
80:58:b8:3b:db:6f:22:c3:ff:c5:6d:05:85:52:8e:7a:80:76:
71:b0:1f:e5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZO7JjB1tfFmkWFx6ybMIGFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYmZiNDYzNTNiZmNjY2ZmOTQxMmRjYmRkNDgwZjE5YjRj
OTgzOTcwHhcNMjQxMjEyMTM1NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWIyNTI2MGNkOTU1MWE5MzQzOTI0NWY2MzQxNzRiOGQ1NTMyM2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyUEi9pisa7meC7B85UK0aihRqFO
s8aZW+ui88ZzQ7KgtXbldXthks7elf+6OXqVpZ7wluzzvgakDPm3fO4XcvPeUCOS
wPsNuBpo72NgMfa7Fd/IIvMN6BXEiHVfwMLVGKB/QkGkVq490rdcbBxO179OWL3i
Qw6u8dVD4ndqYWqZm1SRKzHaLQbls5elSYDE+zEO5qGOpNdz27l0kY39WSkB0h0c
+HpRzMLRyPgu65zidgYykJz1wUaKAPCFICy45bXuMrl16S8nv5DYdEUK8zVgwsPG
PBJKY+EOfcAtY2tsGSmk6cy1rWYyoELP/MaxhhdemIGsr6kXcsjhlFtdqQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJmyUmDNlVGpNDkkX2NBdLjVUyOyMB8GA1UdIwQY
MBaAFFG/tGNTv8zP+UEty91IDxm0yYOXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWItMFkxT196TV81UVMzTDNVZ1BHYlRKZzVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kOTI1NTctOGM0Ni00ODJjLTkxYTgt
YzFlOTc0YmVkMTJlLzEvbWJKU1lNMlZVYWswT1NSZlkwRjB1TlZUSTdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kOTI1NTctOGM0Ni00ODJjLTkxYTgtYzFlOTc0YmVkMTJl
LzEvVWItMFkxT196TV81UVMzTDNVZ1BHYlRKZzVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAWIe8MAwD
BABtxSEDBABtxSIDBABtxSYwDQYJKoZIhvcNAQELBQADggEBAL44N0C5yKmtHGZG
h882dT24xQzkCvknTZLTaoMEZ8KXxXEnAyYImkkovm6DorLrcBdBnMPkrE5uSy2e
zFNzBvziiOe+W+dnDjpAbiIuMs11SDDEMtBE/oM0MKkV5GnZW24F++nKMEcPdRET
2Y3MGguUAn6eMWt83GYn8I0hc7xrH4574gR7B2VB278rpl2QbwKL0gtD8nvsScw1
bD6MaayOWFwVcJXkF2DqViP4XHzuUdQeGnOT+eT2/IIr2dz95mlCTkpTEsrmYYKy
X3R1chaRPHK8x+Yl5yBbJeRlxrVKw6IIodZlnSyhuIBYuDvbbyLD/8VtBYVSjnqA
dnGwH+U=
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:44:28 2025 by rpki-client